FireEye Inc. announced the launch of Mandiant(r) Mergers & Acquisitions (M&A) Risk Assessment, a new rapid service offering cybersecurity assessment as to the level of cyber security risk present in the acquisition that could drive decisions. The new service is launching with FireEye law firm partner Pillsbury Winthrop Shaw Pittman.
The M&A Risk Assessment is a week-long service evaluating key security components utilizing sector specific best practices and global control frameworks, FireEye’s nation-state grade intelligence, and Mandiant’s decade of experience responding to the most impactful security breaches, in order to identify threats earlier in the M&A process. Mandiant consultants generate risk ratings of target security areas and develop recommendations that customers, their legal partners, and other M&A partners can use for decision making.
Mandiant consultants have developed a unique methodology for M&A Risk Assessment that evaluates four core security areas viz
Threat Detection & Response to evaluate the maturity and thoroughness of a target organization’s response processes and technologies;Access Controls to identify whether proactive controls have been established to prevent unauthorized access to sensitive data; Infrastructure Security to ensure that effective controls are in place from network to endpoints to prevent compromise, Data Safeguards to determine if proper capabilities exist to identify, monitor and protect high-value information assets
“There has been a very supportive deal environment for M&A activity in parallel with the increasingly complex and effective attacks we have responded to over the last few years,” said Holly Ridgeway, director, information security programs, FireEye. “As attackers have already utilized M&A activity to gain access to other organizations, it is critical that teams take an intelligence-led approach to evaluate and advice on the risks a target organization can introduce earlier in the process and in lock-step with legal and other partners.”
Another key component of M&A Risk Assessment is partnership with legal firms that allows their customers to be ahead of the curve prior to a breach or security event. FireEye works with law firms to bring our world class products and services to their clients.
“FireEye Cyber Risk team partners with law firms that specialize in M&A. Our law firm partners recognize and support the need and solution for a cyber security due diligence that is embedded into their legal process,” said Karen Kukoda, director of cyber risk partnerships.